Executing a Blackhole Policy on the DamDDoS

Context

The blackhole policies executed on the DamDDoS can be divided into the dynamic blackhole policy and static blackhole policy based on the task generation mode.

Procedure

  1. Configure a blackhole API.
    1. Choose Defense > Policy Settings > Zone.

      To execute a blackhole policy on the DamDDoS, set the blackhole type to Blackhole API and configure a blackhole API.

      To ensure that the clock on the ATIC is consistent with that on the DamDDoS when the blackhole API function is used, configure the clock of the ATIC server to synchronize with the Internet.

    2. On the Blackhole page, click .
    3. Select a service provider and set related parameters for authentication. Table 1 lists related parameters.
      Table 1 Configuring a blackhole API

      Parameter

      Description

      Third-Party

      Select DamDDoS.

      Enable blackhole API

      Select Enable blackhole API. Only after the blackhole API function is enabled, the ATIC can invoke the blackhole API to notify the DamDDoS of enabling the blocking service.

      Default plugging policy

      This parameter is set only after Third-Party is set to DamDDoS.

      Select a plugging policy.

      Once an attack occurs, enable the corresponding policy.

      • Plugging the whole network
      • Plug the other operators
      • Plugging foreign operators
      • Plug other operators (Only China telecom network can visit)

      URL

      Set the URL of the service provider blackhole API.

      Access key

      Set the access key of the service provider blackhole API for authentication.

      Encryption key

      Set the encryption key of the service provider blackhole API for authentication.

      The encryption key is advised to be composed of letters, digits (0 to 9), and special characters (such as !, #, $, and %). Change the encryption key periodically.

      Scheduled unblocking time

      Set the aging time of the blocking policy for DamDDoS. When the blocking duration (starts timing after the blocking service is enabled for DamDDoS) reaches the specified time, the DamDDoS automatically cancels the blocking policy. The value is in the range from 5 to 1400, in minutes.

      Select certificate
      Select a certificate from the drop-down list box.
      NOTE:

      Before setting this parameter, manually download and create the DamDDoS certificate. For details, see Certificate Management.

      To download the DamDDoS certificate, visit https://api.damddos.com/.
    4. Click Test to perform the authentication.
    5. After the authentication succeeds, click OK.
  2. Configure the notification mode of second-level blackhole event.
    1. Choose Defense > Policy Settings > Global Policy.
    2. Click .
    3. In the Attack Defense Configuration dialog box, select Sending Alert To ATIC for Notification Mode Of Second-Level Blackhole Event.

    4. Click OK.
    5. Click .
Parent topic: Triggering a Blackhole Policy for the Third-Party System Through the RESTful API
Copyright © Huawei Technologies Co., Ltd.